This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
File:                     OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft (raw, json)
Hash identifier:          IBRagkbtD3wpblK6b/L6821HTHDFfGTtnXPtegNQ240=
Subject key identifier:   90:7F:FB:FC:A3:2F:E6:C2:FE:A9:CE:A7:4A:83:00:8A:E7:03:95:82
Authority key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
Certificate issuer:       /CN=38728e9bd37399df9ffae587bd06884b350a65b7
Certificate serial:       019B3EA370710DFF0DBCA00EF92E0DF79DA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
Manifest number:          1673
Signing time:             Sun 21 Dec 2025 02:00:57 +0000
Manifest this update:     Sun 21 Dec 2025 02:00:57 +0000
Manifest next update:     Mon 22 Dec 2025 02:00:57 +0000
Files and hashes:         1: OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl (hash: kOVd6D9qiyTOkjhpZJzsZl1XSDD4BnjeKvh0/PO64B4=)
                          2: twJfM1b3K1XophieDfrOK9Yb-bY.roa (hash: MXmmwrQwlazvGbzqXnWAVBTx7ErXJeD/39Xn13fKyq4=)
                          3: yDG1vLQ-KGVU7rKzL_YKjYA7asI.roa (hash: nobKKBS8kgxDPf0JFjAg1XT1LQOMq5xVuTfEuqxhhFw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3e:a3:70:71:0d:ff:0d:bc:a0:0e:f9:2e:0d:f7:9d:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38728e9bd37399df9ffae587bd06884b350a65b7
        Validity
            Not Before: Dec 21 02:00:57 2025 GMT
            Not After : Dec 22 02:00:57 2025 GMT
        Subject: CN=907ffbfca32fe6c2fea9cea74a83008ae7039582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2a:5c:55:14:70:5f:c2:f2:d0:4f:40:bb:90:
                    13:c6:20:a8:eb:db:98:70:20:a8:ec:68:f3:db:3b:
                    00:b2:b5:3d:7e:0a:e8:ff:4b:e0:ac:c9:67:ff:48:
                    e6:37:30:17:8e:82:93:40:8d:e2:d9:f5:c6:66:ab:
                    7a:eb:6e:22:06:6c:95:be:1b:1e:a5:d8:7a:25:0e:
                    91:cb:44:cf:2a:f4:dd:36:05:55:be:08:f5:dc:d2:
                    0d:f2:d3:f5:5f:33:aa:79:d6:a2:79:3a:5f:8f:e7:
                    05:ae:c1:dc:2e:ad:9e:2d:eb:80:52:f4:55:28:aa:
                    df:96:a6:3d:3f:68:43:6a:d8:38:78:a5:99:7e:ef:
                    ea:48:c3:69:4d:ef:9a:82:ca:89:c6:25:74:af:a8:
                    f3:1e:2e:bc:d5:b2:87:b9:13:ca:b4:1c:ec:3d:22:
                    7c:dc:52:df:06:33:14:36:a5:ce:0c:10:02:ee:d7:
                    07:2d:36:12:29:37:4a:19:34:1f:2b:dc:8f:3a:fc:
                    ea:e2:9c:bd:80:f5:42:6d:a5:69:6e:4a:1e:fe:a6:
                    41:5c:5c:42:c4:88:c8:75:3a:56:e2:8d:ff:f3:f7:
                    a1:6d:5c:43:a1:26:22:2d:8b:4e:fa:8d:34:da:27:
                    3b:45:09:d2:f9:ef:62:59:37:20:e9:c0:06:8c:45:
                    4f:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:7F:FB:FC:A3:2F:E6:C2:FE:A9:CE:A7:4A:83:00:8A:E7:03:95:82
            X509v3 Authority Key Identifier:
                keyid:38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:2a:a0:8f:ab:6b:66:da:01:ba:23:b4:24:13:31:75:73:e2:
         37:82:17:39:1c:04:83:5e:7c:0d:62:df:84:e8:ae:28:f0:e9:
         28:95:a0:d7:cd:0d:3f:90:77:79:82:ac:39:13:bb:0b:2f:4a:
         7b:03:01:57:61:2d:50:cc:e4:fa:7e:2f:49:2a:fc:de:b2:07:
         aa:d5:3c:b9:bf:c0:a7:45:dc:9d:17:6f:1e:bf:e9:98:4e:b7:
         86:8f:c7:c4:4e:30:27:62:11:73:2a:60:d0:3f:ff:7c:f0:a8:
         92:3d:71:ff:bc:2d:2a:9f:9b:1b:74:bc:af:76:9f:53:cc:4c:
         27:08:77:48:cc:c0:77:bd:2d:ca:da:72:e9:fe:44:e0:87:5c:
         28:47:b9:eb:23:ae:6a:90:59:53:22:64:93:4c:55:28:10:3e:
         13:8c:81:86:53:de:07:23:f6:0f:6d:58:12:bd:fa:0c:58:8d:
         f1:9b:d2:5b:d1:6f:2f:d0:47:79:22:ee:3d:75:ec:6d:be:e7:
         1e:9e:1e:ac:4c:7d:e1:e7:21:f4:b7:4d:f9:bf:86:64:7a:a9:
         ce:b9:22:4c:69:09:79:e7:94:02:cd:0e:59:dc:46:66:37:c4:
         4c:e4:44:c9:53:d0:7f:94:f7:dc:a4:35:c2:3c:b3:77:37:c9:
         f0:3a:81:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs+o3BxDf8NvKAO+S4N952lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NzI4ZTliZDM3Mzk5ZGY5ZmZhZTU4N2JkMDY4ODRiMzUw
YTY1YjcwHhcNMjUxMjIxMDIwMDU3WhcNMjUxMjIyMDIwMDU3WjAzMTEwLwYDVQQD
Eyg5MDdmZmJmY2EzMmZlNmMyZmVhOWNlYTc0YTgzMDA4YWU3MDM5NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCpcVRRwX8Ly0E9Au5ATxiCo69uY
cCCo7Gjz2zsAsrU9fgro/0vgrMln/0jmNzAXjoKTQI3i2fXGZqt6624iBmyVvhse
pdh6JQ6Ry0TPKvTdNgVVvgj13NIN8tP1XzOqedaieTpfj+cFrsHcLq2eLeuAUvRV
KKrflqY9P2hDatg4eKWZfu/qSMNpTe+agsqJxiV0r6jzHi681bKHuRPKtBzsPSJ8
3FLfBjMUNqXODBAC7tcHLTYSKTdKGTQfK9yPOvzq4py9gPVCbaVpbkoe/qZBXFxC
xIjIdTpW4o3/8/ehbVxDoSYiLYtO+o002ic7RQnS+e9iWTcg6cAGjEVP5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJB/+/yjL+bC/qnOp0qDAIrnA5WCMB8GA1UdIwQY
MBaAFDhyjpvTc5nfn/rlh70GiEs1CmW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzIt
ZjhjZmEzM2Q2ODRlLzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzItZjhjZmEzM2Q2ODRl
LzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCqgj6tr
ZtoBuiO0JBMxdXPiN4IXORwEg158DWLfhOiuKPDpKJWg180NP5B3eYKsORO7Cy9K
ewMBV2EtUMzk+n4vSSr83rIHqtU8ub/Ap0XcnRdvHr/pmE63ho/HxE4wJ2IRcypg
0D//fPCokj1x/7wtKp+bG3S8r3afU8xMJwh3SMzAd70tytpy6f5E4IdcKEe56yOu
apBZUyJkk0xVKBA+E4yBhlPeByP2D21YEr36DFiN8ZvSW9FvL9BHeSLuPXXsbb7n
Hp4erEx94ech9LdN+b+GZHqpzrkiTGkJeeeUAs0OWdxGZjfETOREyVPQf5T33KQ1
wjyzdzfJ8DqB1Q==
-----END CERTIFICATE-----
Generated at Sun Dec 21 07:40:19 2025 by rpki-client